You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2018/02/11 16:07:56 UTC
[Bug 7550] New: new rule VULN_PHPMAILER
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7550
Bug ID: 7550
Summary: new rule VULN_PHPMAILER
Product: Spamassassin
Version: 3.4.1
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P2
Component: Score Generation
Assignee: dev@spamassassin.apache.org
Reporter: me@junc.eu
Target Milestone: Undefined
header VULN_PHPMAILER X-Mailer =~ /PHPMailer 5\.2\.[0-9] /i
score VULN_PHPMAILER 3.75
describe VULN_PHPMAILER Mail was sent from a vulnerable version of PHPMailer
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 7550] new rule VULN_PHPMAILER
Posted by bu...@bugzilla.spamassassin.org.
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7550
Giovanni Bechis <gi...@paclan.it> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|NEW |RESOLVED
--- Comment #5 from Giovanni Bechis <gi...@paclan.it> ---
It's in rulesrc/sandbox/davej/20_bug_7550.cf.
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 7550] new rule VULN_PHPMAILER
Posted by bu...@bugzilla.spamassassin.org.
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7550
Giovanni Bechis <gi...@paclan.it> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |giovanni@paclan.it
--- Comment #3 from Giovanni Bechis <gi...@paclan.it> ---
Currently used distributions are using all 5.3+ versions.
Even if some distribution have backported some security patches in the past I
think it is EOL atm.
OSX 10.8 (Mountain Lion) 5.3.10
Red Hat Enterprise Linux (RHEL) 5.3.3
Debian 6 (Squeeze) 5.3.3
CentOS 6 5.3.3
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 7550] new rule VULN_PHPMAILER
Posted by bu...@bugzilla.spamassassin.org.
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7550
Kevin A. McGrail <km...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |kmcgrail@apache.org
--- Comment #2 from Kevin A. McGrail <km...@apache.org> ---
Is PHPMailer 5.2.9 or lower distributed with any current distros?
When they do, backported patches often make this difficult to use in any type
of ham/spam analysis.
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 7550] new rule VULN_PHPMAILER
Posted by bu...@bugzilla.spamassassin.org.
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7550
Dave Jones <da...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |davej@apache.org
--- Comment #1 from Dave Jones <da...@apache.org> ---
Committed to davej sandbox.
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 7550] new rule VULN_PHPMAILER
Posted by bu...@bugzilla.spamassassin.org.
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7550
--- Comment #4 from Kevin A. McGrail <km...@apache.org> ---
Want to throw it in your sandbox to test? I imagine it's going to be a 0.5
S/O.
--
You are receiving this mail because:
You are the assignee for the bug.